From b5a3fe910f8c93afad0b6ffcd1f2d6b50ef78b05 Mon Sep 17 00:00:00 2001 From: Christophe Vandeplas Date: Thu, 11 Jan 2018 08:44:18 +0100 Subject: [PATCH] grammar check --- ...to-share-vulnerability-information-efficiently.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/_posts/2018-01-09-Using-MISP-to-share-vulnerability-information-efficiently.md b/_posts/2018-01-09-Using-MISP-to-share-vulnerability-information-efficiently.md index cc0b1e0..7980b33 100755 --- a/_posts/2018-01-09-Using-MISP-to-share-vulnerability-information-efficiently.md +++ b/_posts/2018-01-09-Using-MISP-to-share-vulnerability-information-efficiently.md @@ -7,24 +7,24 @@ featured: /assets/images/misp-small.png # Using MISP to share vulnerability information efficiently Software and hardware vulnerabilities are often discussed, shared, prepared, analysed and reviewed before publication. This process -can be tedious as it is often includes multiple exchanges between the parties involved, including reporters, proxy-reporters, coordinators, +can be tedious as it often includes multiple exchanges between the parties involved, including reporters, proxy-reporters, coordinators, editors and even impacted parties. Some vulnerabilities might be shared and exchanged among trusted parties for months before being officially disclosed. This can generate a significant workload on the staff dealing with a security team, vulnerability assessment team or CNA (CVE Numbering Authorities). -As MISP provides the complete list of functionalities facilitating thesharing of information, sharing and collaborating on security vulnerabilities +As MISP provides the complete list of functionalities facilitating the sharing of information, sharing and collaborating on security vulnerabilities within a trusted group is as easy as sharing indicators. ## MISP Objects MISP objects provide a flexible way to describe combined information using a simple templating system. There is already a vulnerability -object which covers the most common cases used by organisations such as CSIRTs, security team or security assessment team. But if you -have a specific use-case of vulnerability information to share, a MISP object can be built from a template in a matter of minutes. +object which covers the most common cases used by organisations such as CSIRTs, security teams or security assessment teams. If you +have a specific use-case of vulnerability information to share, a MISP object can also be built from a custom template in a matter of minutes. # How to share vulnerability information within MISP to a trusted group Sharing a set of vulnerabilities to a trusted group is straightforward. First you create an event which will contain one or more -vulnerabilities and assign the corresponding sharing group. An event is just a container with meta-data associated with it such as classification +vulnerabilities and assign the corresponding sharing group. An event is just a container with meta-data associated with it such as a classification or a generic description. ![](/assets/images/misp/blog/vul01.png) @@ -34,7 +34,7 @@ a vulnerability object can be added to describe the vulnerability. ![](/assets/images/misp/blog/vul02.png) -The vulnerability object is composed of various attributes such as vulnerable configuration expressed as a CPE value and +The vulnerability object is composed of various attributes such as the vulnerable configuration expressed as a CPE value and can be added multiple times if you have different vulnerable configurations. ![](/assets/images/misp/blog/vul03.png)